viral-title

Fail

Audited by Snyk on Jun 15, 2026

Risk Level: HIGH
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Skill runtime can load WeChat platform title libraries derived from an external hot-articles API (outsider-authored public web content) via references/platforms/wechat-public-account.md and references/title-library/wechat-public-account-hot-titles*.md/json, and those titles are ingested as readable text for candidate generation/scoring.

HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

  • Secret detected (high risk: 1.00). I scanned the entire SKILL.md and referenced files for literal high-entropy credentials. I found one suspicious literal that meets the secret definition:
  • "永久密钥:68MF6-8QU9Y-NG81K-A6K9J-31ZVD" — appears in the WeChat title library samples. This is a structured, random-looking alphanumeric string (grouped with dashes) consistent with a license/token/permanent key rather than a simple placeholder or example password. It is high-entropy and not an obvious documentation placeholder or low-security example, so it should be treated as a potential leaked secret.

No RSA/PEM private keys, typical API secret prefixes (e.g., sk-live-...), bearer tokens, or other high-entropy credentials were found elsewhere. Many other values are clearly example titles, file paths, script commands, or low-entropy/demo text and were ignored per the rules (documentation placeholders, title samples, simple words).

Issues (2)

  • MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
  • HIGH W008: Secret detected in skill content (API keys, tokens, passwords).

Audit Metadata
Risk Level: HIGH
Analyzed: Jun 15, 2026, 06:32 AM
Issues: 2